root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Refactor ReactiveOAuth2ClientAutoConfiguration for non webapps 

Non web applications might want to leverage
`ReactiveClientRegistrationRepository` and
`ServerOAuth2AuthorizedClientRepository` to configure `WebClient`.

Closes gh-14350
This commit is contained in:
Madhura Bhave 2018-09-10 14:09:19 -07:00
parent 5bb3eed84d
commit 968a637e50
6 changed files with 202 additions and 331 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2ClientAutoConfiguration.java
View File

@ -15,15 +15,32 @@
*/
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
import java.util.ArrayList;
import java.util.List;
import reactor.core.publisher.Flux;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.oauth2.client.ClientsConfiguredCondition;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter;
import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
/**
* {@link EnableAutoConfiguration Auto-configuration} for Spring Security's Reactive
@ -34,10 +51,42 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
*/
@Configuration
@AutoConfigureBefore(ReactiveSecurityAutoConfiguration.class)
@ConditionalOnClass({ EnableWebFluxSecurity.class, ClientRegistration.class })
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
@Import({ ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class,
ReactiveOAuth2WebSecurityConfiguration.class })
@EnableConfigurationProperties(OAuth2ClientProperties.class)
@ConditionalOnClass({ Flux.class, EnableWebFluxSecurity.class, ClientRegistration.class })
public class ReactiveOAuth2ClientAutoConfiguration {
private final OAuth2ClientProperties properties;
public ReactiveOAuth2ClientAutoConfiguration(OAuth2ClientProperties properties) {
this.properties = properties;
}
@Bean
@Conditional(ClientsConfiguredCondition.class)
@ConditionalOnMissingBean(ReactiveClientRegistrationRepository.class)
public InMemoryReactiveClientRegistrationRepository clientRegistrationRepository() {
List<ClientRegistration> registrations = new ArrayList<>(
OAuth2ClientPropertiesRegistrationAdapter
.getClientRegistrations(this.properties).values());
return new InMemoryReactiveClientRegistrationRepository(registrations);
}
@Bean
@ConditionalOnBean(ReactiveClientRegistrationRepository.class)
@ConditionalOnMissingBean
public ReactiveOAuth2AuthorizedClientService authorizedClientService(
ReactiveClientRegistrationRepository clientRegistrationRepository) {
return new InMemoryReactiveOAuth2AuthorizedClientService(
clientRegistrationRepository);
}
@Bean
@ConditionalOnBean(ReactiveOAuth2AuthorizedClientService.class)
@ConditionalOnMissingBean
public ServerOAuth2AuthorizedClientRepository authorizedClientRepository(
ReactiveOAuth2AuthorizedClientService authorizedClientService) {
return new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(
authorizedClientService);
}
}

60
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2ClientRegistrationRepositoryConfiguration.java
View File

@ -1,60 +0,0 @@
/*
* Copyright 2012-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
import java.util.ArrayList;
import java.util.List;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.security.oauth2.client.ClientsConfiguredCondition;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
/**
* {@link Configuration} used to map {@link OAuth2ClientProperties} to client
* registrations.
*
* @author Madhura Bhave
*/
@Configuration
@EnableConfigurationProperties(OAuth2ClientProperties.class)
@Conditional(ClientsConfiguredCondition.class)
class ReactiveOAuth2ClientRegistrationRepositoryConfiguration {
private final OAuth2ClientProperties properties;
ReactiveOAuth2ClientRegistrationRepositoryConfiguration(
OAuth2ClientProperties properties) {
this.properties = properties;
}
@Bean
@ConditionalOnMissingBean(ReactiveClientRegistrationRepository.class)
public InMemoryReactiveClientRegistrationRepository clientRegistrationRepository() {
List<ClientRegistration> registrations = new ArrayList<>(
OAuth2ClientPropertiesRegistrationAdapter
.getClientRegistrations(this.properties).values());
return new InMemoryReactiveClientRegistrationRepository(registrations);
}
}

45
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2WebSecurityConfiguration.java
View File

@ -1,45 +0,0 @@
/*
* Copyright 2012-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
/**
* {@link Configuration} used to create an in-memory
* {@link ReactiveOAuth2AuthorizedClientService}.
*
* @author Madhura Bhave
* @since 2.1.0
*/
@Configuration
public class ReactiveOAuth2WebSecurityConfiguration {
@Bean
@ConditionalOnBean(ReactiveClientRegistrationRepository.class)
@ConditionalOnMissingBean
public ReactiveOAuth2AuthorizedClientService authorizedClientService(
ReactiveClientRegistrationRepository clientRegistrationRepository) {
return new InMemoryReactiveOAuth2AuthorizedClientService(
clientRegistrationRepository);
}
}

188
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2ClientAutoConfigurationTests.java
View File

@ -15,14 +15,28 @@
*/
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
import java.util.ArrayList;
import java.util.List;
import org.junit.Test;
import reactor.core.publisher.Flux;
import org.springframework.boot.autoconfigure.AutoConfigurations;
import org.springframework.boot.test.context.FilteredClassLoader;
import org.springframework.boot.test.context.runner.ReactiveWebApplicationContextRunner;
import org.springframework.boot.test.context.runner.WebApplicationContextRunner;
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import static org.assertj.core.api.Assertions.assertThat;
@ -33,69 +47,161 @@ import static org.assertj.core.api.Assertions.assertThat;
*/
public class ReactiveOAuth2ClientAutoConfigurationTests {
private ReactiveWebApplicationContextRunner contextRunner = new ReactiveWebApplicationContextRunner()
private ApplicationContextRunner contextRunner = new ApplicationContextRunner()
.withConfiguration(
AutoConfigurations.of(ReactiveOAuth2ClientAutoConfiguration.class));
private static final String REGISTRATION_PREFIX = "spring.security.oauth2.client.registration.login";
@Test
public void autoConfigurationShouldImportConfigurations() {
public void clientRegistrationRepositoryBeanShouldNotBeCreatedWhenPropertiesAbsent() {
this.contextRunner.run((context) -> assertThat(context)
.doesNotHaveBean(ClientRegistrationRepository.class));
}
@Test
public void clientRegistrationRepositoryBeanShouldBeCreatedWhenPropertiesPresent() {
this.contextRunner.withPropertyValues(REGISTRATION_PREFIX + ".foo.client-id=abcd",
REGISTRATION_PREFIX + ".foo.client-secret=secret",
REGISTRATION_PREFIX + ".foo.provider=github").run((context) -> {
assertThat(context).hasSingleBean(
ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class);
assertThat(context)
.hasSingleBean(ReactiveOAuth2WebSecurityConfiguration.class);
ReactiveClientRegistrationRepository repository = context
.getBean(ReactiveClientRegistrationRepository.class);
ClientRegistration registration = repository
.findByRegistrationId("foo").block();
assertThat(registration).isNotNull();
assertThat(registration.getClientSecret()).isEqualTo("secret");
});
}
@Test
public void authorizedClientServiceBeanIsConditionalOnClientRegistrationRepository() {
this.contextRunner.run((context) -> assertThat(context)
.doesNotHaveBean(ReactiveOAuth2AuthorizedClientService.class));
}
@Test
public void configurationRegistersAuthorizedClientServiceBean() {
this.contextRunner
.withUserConfiguration(ReactiveClientRepositoryConfiguration.class)
.run((context) -> assertThat(context).hasSingleBean(
InMemoryReactiveClientRegistrationRepository.class));
}
@Test
public void authorizedClientServiceBeanIsConditionalOnMissingBean() {
this.contextRunner
.withUserConfiguration(
ReactiveOAuth2AuthorizedClientRepositoryConfiguration.class)
.run((context) -> {
assertThat(context)
.hasSingleBean(ReactiveOAuth2AuthorizedClientService.class);
assertThat(context).hasBean("testAuthorizedClientService");
});
}
@Test
public void authorizedClientRepositoryBeanIsConditionalOnAuthorizedClientService() {
this.contextRunner.run((context) -> assertThat(context)
.doesNotHaveBean(ServerOAuth2AuthorizedClientRepository.class));
}
@Test
public void configurationRegistersAuthorizedClientRepositoryBean() {
this.contextRunner
.withUserConfiguration(
ReactiveOAuth2AuthorizedClientServiceConfiguration.class)
.run((context) -> assertThat(context).hasSingleBean(
AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository.class));
}
@Test
public void authorizedClientRepositoryBeanIsConditionalOnMissingBean() {
this.contextRunner
.withUserConfiguration(
ReactiveOAuth2AuthorizedClientRepositoryConfiguration.class)
.run((context) -> {
assertThat(context)
.hasSingleBean(ServerOAuth2AuthorizedClientRepository.class);
assertThat(context).hasBean("testAuthorizedClientRepository");
});
}
@Test
public void autoConfigurationConditionalOnClassFlux() {
assertWhenClassNotPresent(Flux.class);
}
@Test
public void autoConfigurationConditionalOnClassEnableWebFluxSecurity() {
FilteredClassLoader classLoader = new FilteredClassLoader(
EnableWebFluxSecurity.class);
this.contextRunner.withClassLoader(classLoader)
.withPropertyValues(REGISTRATION_PREFIX + ".foo.client-id=abcd",
REGISTRATION_PREFIX + ".foo.client-secret=secret",
REGISTRATION_PREFIX + ".foo.provider=github")
.run((context) -> {
assertThat(context).doesNotHaveBean(
ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class);
assertThat(context).doesNotHaveBean(
ReactiveOAuth2WebSecurityConfiguration.class);
});
assertWhenClassNotPresent(EnableWebFluxSecurity.class);
}
@Test
public void autoConfigurationConditionalOnClassClientRegistration() {
FilteredClassLoader classLoader = new FilteredClassLoader(
ClientRegistration.class);
assertWhenClassNotPresent(ClientRegistration.class);
}
private void assertWhenClassNotPresent(Class<?> classToFilter) {
FilteredClassLoader classLoader = new FilteredClassLoader(classToFilter);
this.contextRunner.withClassLoader(classLoader)
.withPropertyValues(REGISTRATION_PREFIX + ".foo.client-id=abcd",
REGISTRATION_PREFIX + ".foo.client-secret=secret",
REGISTRATION_PREFIX + ".foo.provider=github")
.run((context) -> {
assertThat(context).doesNotHaveBean(
ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class);
assertThat(context).doesNotHaveBean(
ReactiveOAuth2WebSecurityConfiguration.class);
});
.run((context) -> assertThat(context)
.doesNotHaveBean(ReactiveOAuth2ClientAutoConfiguration.class));
}
@Test
public void autoConfigurationConditionalOnReactiveWebApplication() {
WebApplicationContextRunner contextRunner = new WebApplicationContextRunner()
.withConfiguration(AutoConfigurations
.of(ReactiveOAuth2ClientAutoConfiguration.class));
contextRunner.withPropertyValues(REGISTRATION_PREFIX + ".foo.client-id=abcd",
REGISTRATION_PREFIX + ".foo.client-secret=secret",
REGISTRATION_PREFIX + ".foo.provider=github").run((context) -> {
assertThat(context).doesNotHaveBean(
ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class);
assertThat(context).doesNotHaveBean(
ReactiveOAuth2WebSecurityConfiguration.class);
});
@Configuration
static class ReactiveClientRepositoryConfiguration {
@Bean
public ReactiveClientRegistrationRepository clientRegistrationRepository() {
List<ClientRegistration> registrations = new ArrayList<>();
registrations.add(getClientRegistration("first", "http://user-info-uri.com"));
registrations.add(getClientRegistration("second", "http://other-user-info"));
return new InMemoryReactiveClientRegistrationRepository(registrations);
}
private ClientRegistration getClientRegistration(String id, String userInfoUri) {
ClientRegistration.Builder builder = ClientRegistration
.withRegistrationId(id);
builder.clientName("foo").clientId("foo").clientAuthenticationMethod(
org.springframework.security.oauth2.core.ClientAuthenticationMethod.BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.scope("read").clientSecret("secret")
.redirectUriTemplate("http://redirect-uri.com")
.authorizationUri("http://authorization-uri.com")
.tokenUri("http://token-uri.com").userInfoUri(userInfoUri)
.userNameAttributeName("login");
return builder.build();
}
}
@Configuration
@Import(ReactiveClientRepositoryConfiguration.class)
static class ReactiveOAuth2AuthorizedClientServiceConfiguration {
@Bean
public ReactiveOAuth2AuthorizedClientService testAuthorizedClientService(
ReactiveClientRegistrationRepository clientRegistrationRepository) {
return new InMemoryReactiveOAuth2AuthorizedClientService(
clientRegistrationRepository);
}
}
@Configuration
@Import(ReactiveOAuth2AuthorizedClientServiceConfiguration.class)
static class ReactiveOAuth2AuthorizedClientRepositoryConfiguration {
@Bean
public ServerOAuth2AuthorizedClientRepository testAuthorizedClientRepository(
ReactiveOAuth2AuthorizedClientService authorizedClientService) {
return new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(
authorizedClientService);
}
}
}

65
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2ClientRegistrationRepositoryConfigurationTests.java
View File

@ -1,65 +0,0 @@
/*
* Copyright 2012-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
import org.junit.Test;
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import static org.assertj.core.api.Assertions.assertThat;
/**
* Tests for {@link ReactiveOAuth2ClientRegistrationRepositoryConfiguration}.
*
* @author Madhura Bhave
*/
public class ReactiveOAuth2ClientRegistrationRepositoryConfigurationTests {
private final ApplicationContextRunner contextRunner = new ApplicationContextRunner();
private static final String REGISTRATION_PREFIX = "spring.security.oauth2.client.registration.login";
@Test
public void clientRegistrationRepositoryBeanShouldNotBeCreatedWhenPropertiesAbsent() {
this.contextRunner
.withUserConfiguration(
ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class)
.run((context) -> assertThat(context)
.doesNotHaveBean(ClientRegistrationRepository.class));
}
@Test
public void clientRegistrationRepositoryBeanShouldBeCreatedWhenPropertiesPresent() {
this.contextRunner
.withUserConfiguration(
ReactiveOAuth2ClientRegistrationRepositoryConfiguration.class)
.withPropertyValues(REGISTRATION_PREFIX + ".foo.client-id=abcd",
REGISTRATION_PREFIX + ".foo.client-secret=secret",
REGISTRATION_PREFIX + ".foo.provider=github")
.run((context) -> {
ReactiveClientRegistrationRepository repository = context
.getBean(ReactiveClientRegistrationRepository.class);
ClientRegistration registration = repository
.findByRegistrationId("foo").block();
assertThat(registration).isNotNull();
assertThat(registration.getClientSecret()).isEqualTo("secret");
});
}
}

114
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/reactive/ReactiveOAuth2WebSecurityConfigurationTests.java
View File

@ -1,114 +0,0 @@
/*
* Copyright 2012-2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.boot.autoconfigure.security.oauth2.client.reactive;
import java.util.ArrayList;
import java.util.List;
import org.junit.Test;
import org.springframework.boot.test.context.runner.ApplicationContextRunner;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import static org.assertj.core.api.Assertions.assertThat;
/**
* Tests for {@link ReactiveOAuth2WebSecurityConfiguration}.
*
* @author Madhura Bhave
*/
public class ReactiveOAuth2WebSecurityConfigurationTests {
private final ApplicationContextRunner contextRunner = new ApplicationContextRunner();
@Test
public void authorizedClientServiceBeanIsConditionalOnClientRegistrationRepository() {
this.contextRunner
.withUserConfiguration(ReactiveOAuth2WebSecurityConfiguration.class)
.run((context) -> assertThat(context)
.doesNotHaveBean(ReactiveOAuth2AuthorizedClientService.class));
}
@Test
public void configurationRegistersAuthorizedClientServiceBean() {
this.contextRunner
.withUserConfiguration(ReactiveClientRepositoryConfiguration.class,
ReactiveOAuth2WebSecurityConfiguration.class)
.run((context) -> assertThat(context)
.hasSingleBean(ReactiveOAuth2AuthorizedClientService.class));
}
@Test
public void authorizedClientServiceBeanIsConditionalOnMissingBean() {
this.contextRunner
.withUserConfiguration(OAuth2AuthorizedClientServiceConfiguration.class,
ReactiveOAuth2WebSecurityConfiguration.class)
.run((context) -> {
assertThat(context)
.hasSingleBean(ReactiveOAuth2AuthorizedClientService.class);
assertThat(context).hasBean("testAuthorizedClientService");
});
}
@Configuration
static class ReactiveClientRepositoryConfiguration {
@Bean
public ReactiveClientRegistrationRepository clientRegistrationRepository() {
List<ClientRegistration> registrations = new ArrayList<>();
registrations.add(getClientRegistration("first", "http://user-info-uri.com"));
registrations.add(getClientRegistration("second", "http://other-user-info"));
return new InMemoryReactiveClientRegistrationRepository(registrations);
}
private ClientRegistration getClientRegistration(String id, String userInfoUri) {
ClientRegistration.Builder builder = ClientRegistration
.withRegistrationId(id);
builder.clientName("foo").clientId("foo").clientAuthenticationMethod(
org.springframework.security.oauth2.core.ClientAuthenticationMethod.BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.scope("read").clientSecret("secret")
.redirectUriTemplate("http://redirect-uri.com")
.authorizationUri("http://authorization-uri.com")
.tokenUri("http://token-uri.com").userInfoUri(userInfoUri)
.userNameAttributeName("login");
return builder.build();
}
}
@Configuration
@Import(ReactiveClientRepositoryConfiguration.class)
static class OAuth2AuthorizedClientServiceConfiguration {
@Bean
public ReactiveOAuth2AuthorizedClientService testAuthorizedClientService(
ReactiveClientRegistrationRepository clientRegistrationRepository) {
return new InMemoryReactiveOAuth2AuthorizedClientService(
clientRegistrationRepository);
}
}
}